XSStrike icon indicating copy to clipboard operation
XSStrike copied to clipboard

Published 20 hours ago verified publisher icon s0md3v

False Positive Issue...

Open SidNimSan opened this issue 1 month ago • 1 comments

I used XSStrike on a website with this command:

XSStrike generated the following output: XSStrike v4.0.0 [!] Testing parameter: srule [!] Reflections found: 2 [~] Analysing reflections [~] Generating payloads [!] Payloads generated: 24

[+] Payload: %0daUtOFOCUS%0donfoCUs=(prompt)`` [!] Efficiency: 100 [!] Confidence: 8 [?] Would you like to continue scanning? [y/N]

I am unable to exploit the all the 24 payloads.

XSStrike generated the following output: XSStrike v4.0.0

[!] Testing parameter: cgid [!] Reflections found: 3 [~] Analysing reflections [~] Generating payloads [!] Payloads generated: 1536 [~] Progress: 297/1536

[+] Payload: <html%0aonmouseoVer%0a=%0aa=prompt,a()%0dx// [!] Efficiency: 91 [!] Confidence: 10

Is this a false positive?

If i am doing wrong please guide the procesure to exploit it.

Thank You

SidNimSan avatar May 20 '24 13:05 SidNimSan